In this post I would like to share an example of implementing a custom SqlAuthorizationProvider for a Sitecore solution. First things first, you have to really consider using it for a large solution, it’s a customization for accessing items for users and roles and it’s a core functionality of Sitecore XM – this provider is called every time (if no cache hit), when anyone tries to get access to an item – with Experience Editor, Content Editor, Sitecore Item API, etc.).
On one of our current project we have a close deadline, therefore we need to simplify implementation and cut from the scope as much as possible to roll out the MVP with the full functionality but without Experience Editor support – as it’s not priority for now. We had a long discussion about this, the main reason of cutting scope is to keep the frontend simple as possible and focus on business logic functionality instead of editing experience. Therefore on the Sitecore side we are providing a few APIs for the frontend and not creating any layout, rendering and placeholders; only pure templates and content.
Sitecore provides you the possibility to implement your own layout resolver if the default one is not enough for you. Basically you can change the layout of a page based on a business logic without changing the item in the database.
The default Sitecore Name Value List field has an annoying issue. It does not allow to use special characters like ‘-‘ for the key. I just digged into the Sitecore.Kernel library and I found a regular expression validation which is hardcoded.
Let’s overwrite this class make it more flexible. The main issue with the implementation that they don’t encode/decode the URI.
The module is developed by @maaakstiles and I really like it because it’s easy to extend/change to fit your requirements. The basic idea is very easy. It gets data from somewhere (Sitecore/CSV/SQL/MySQL). I played with the SQL part.